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DETAILED ACTION 

Claim Objections 

1. Claim 3 is objected to because of the following informalities: in the last line "being" 
should be "is" or "are". Appropriate correction is required. 

Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 14 and 18-27 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 14 is rejected because it is not clear what is meant by "according to any of the 
claims 1" on line 1. 

Claim 18 is rejected based on lack of positive antecedent basis of "said first and the 
second data means" on lines 5-6. 

Claims 19-27 are rejected because they depend on claim 18. 

Claim 19 is also rejected based on lack of positive antecedent basis of "said transaction" 
on line 1. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 
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5. Claims 1-12,14-17, and 28-40 are rejected under 35 U.S.C. 102(b) as being anticipated 
by "Secure Smart Card Reader Chip PCC807" brochure (hereinafter PCC807) cited by 
applicant. 

As per claim 1 , PCC807 shows a data transfer device (the PCC807 chip), having first 
data interface means (UART connected to the serial interface) for exchanging data with a data 
processing system, second data interface means (bottom of the figure interfaces) for 
exchanging data with a user of said data transfer device, and control means (processor 8051 
and the various modules on the right side of the drawing coupled to the processor) for 
controlling data transfer between said first and second data interface means wherein said 
control means are configured for receiving control data from said first data interface means for 
selectively enabling data exchange between said first and second data interface means 
(throughout the document, wherein data is exchanged between the computer device coupled to 
the serial interface and the user via the smart card and other interfaces at the bottom of the 
figure). The PCC807 shows all of the elements recited in claim 1 . 

As for claim 2, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for processing data provided by said first and second data interface 
means in accordance with said control data (throughout the document). The PCC807 shows all 
of the elements recited in claim 2. 

As for claim 3, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for processing data provided by said first and second data interface in 
accordance with program execution data to be executed by said data processing system, 
wherein said program execution data being comprised by said control data (throughout the 
document). The PCC807 shows all of the elements recited in claim 3. 
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As for claim 4, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling part of said first and second data interface means for 
operation in an open mode (the general mode in the document). The PCC807 shows all of the 
elements recited in claim 4. 

As for claim 5, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling said second data interface means for operation in a secure 
mode (PCC807 describes such a secure mode). The PCC807 shows all of the elements recited 
in claim 5. 

As for claim 6, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling said second data interface means for operation in a secure 
mode and for executing program execution data if said data transfer device is set in a secure 
mode of operation (second page, "secure mode" description). The PCC807 shows all of the 
elements recited in claim 6. 

As for claim 7, the argument for claim 1 applies. PCC807 also shows data storage 
means for storing authentication data, wherein said control means are configured for providing 
an authentication check on received control data for setting said data transfer device in either 
one of an open and secure mode of operation (throughout the document, and in the figure 
"Authenticated Download"). The PCC807 shows all of the elements recited in claim 7. 

As for claim 8, the argument for claim 1 applies. PCC807 also shows data storage 
means for storing certificate data, wherein said control data comprise certificate data, and said 
control data means are configured for checking said certificate data of said control data with 
respect to certificate data stored in said data storage means, for setting said data transfer 
device in a secure mode of operation if said certificate data of said control data are approved 
and for setting said data transfer device in an open mode of operation for either one of 
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disapproval of said certificate data and non-availability of certificate data of said control data, 
and for deleting said control data if said certificate data thereof are false (throughout the 
document). The PCC807 shows all of the elements recited in claim 8. 

As for claim 9, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling part of said first and second data interface means for 
operation in an open mode, and wherein said control means are configured for enabling said 
second data interface means for operation in a secure mode, said second data interface 
comprises keypad means, data card reader means and display means, said control means in 
said open mode are configured for enabling access to said data card reader means, and said 
control means in said secure mode are configured for enabling access to said keypad means, 
data card reader means and display means (throughout the document). The PCC807 shows all 
of the elements recited in claim 9. 

As for claim 10, the argument for claim 9 applies. PCC807 also shows that said control 
means are configured for processing data provided by said card reader means in accordance 
with said control data received (throughout the document). The PCC807 shows all of the 
elements recited in claim 1 0. 

As for claim 1 1 , the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling part of said first and second data interface means for 
operation in an open mode, and wherein said control means are configured for enabling said 
second data interface means for operation in a secure mode, wherein said second data 
interface comprises Input/Output (I/O) means for data exchange with at least one peripheral 
device to be connected to said I/O means, and wherein said control means in said secure mode 
are configured for enabling access to said I/O means by said at least one peripheral device (in 
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the figure and throughout the document). The PCC807 shows all of the elements recited in 
claim 11. 

As for claim 12, the argument for claim 1 1 applies. PCC807 also shows that said I/O 
means are configured for connecting at least one data communication device (at least the LCD 
or keypad). The PCC807 shows all of the elements recited in claim 12. 

As for claim 14, the argument for claim 1 applies. PCC807 also shows that said control 
means are configured for enabling part of said first and second data interface means for 
operation in an open mode, and wherein said control means are configured for enabling said 
second data interface means for operation in a secure mode, further comprising signaling 
means for signaling said mode of operation of said data transfer device (throughout the 
document). The PCC807 shows all of the elements recited in claim 14. 

As for claim 15, the argument for claim 14 applies. PCC807 also shows that said 
signaling means comprise a Light Emitting Diode (LED), and said control means are arranged 
for illuminating said LED if said data transfer device is in its secure mode of operation (page 1 
and in the figure, right hand side). The PCC807 shows all of the elements recited in claim 15. 

As for claim 16, the argument for claim 1 applies. PCC807 also shows means for 
supporting encrypted data transfer via said first interface means (throughout the document). The 
PCC807 shows all of the elements recited in claim 16. 

As for claim 17, the argument for claim 1 applies. PCC807 also shows that first data 
interface means comprise standardized computer data interface means, such as USB 
(Universal Serial Bus) interface means (second page, paragraph 1). The PCC807 shows all of 
the elements recited in claim 17. 

As per claim 28, PCC807 shows method of exchanging data with a data processing 
system using a data transfer device having first data interface means for exchanging data with 
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said data processing system, second data interface means for exchanging data with a user of 
said data transfer device, and control means for controlling data transfer between said first and 
second data interface means, said method comprising the steps of: transferring control data 
from said data processing system to said data transfer device, and selectively enabling 
exchange of data between said first and second data interface means (throughout the 
document). The PCC807 shows all of the steps recited in claim 28. 

As for claim 29, the argument for claim 28 applies. PCC807 also shows that an 
authentication check is performed by said control means on said control data for setting the data 
transfer device in either one of an open and secure mode of operation (throughout the 
document). The PCC807 shows all of the steps recited in claim 29. 

As for claim 30, the argument for claim 29 applies. PCC807 also shows that said control 
data comprise certificate data, wherein said control data being checked by said control means 
with respect to said certificate data, and wherein said data transfer device is set in its secure 
mode of operation if said certificate data of said control data are approved and said data 
transfer device is set in its open mode of operation for either one of disapproval of said 
certificate data and non-availability of certificate data of said control data, said control data 
being deleted if said certificate data thereof are false (throughout the document). The PCC807 
shows all of the steps recited in claim 30. 

As for claim 31 , the argument for claim 30 applies. PCC807 also shows that said data 
transfer device in its open mode of operation exchanges data with said second data interface 
means through a limited number of data input means thereof, including data card reader means, 
whereas the data transfer device in its secure mode of operation exchanges data with said 
second data interface means through a plurality of data input and output devices thereof, 
including keypad means, display means, card reader means, and Input/Output (I/O) means for 
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data exchange with at least one peripheral device to be connected to said I/O means 
(throughout the document). The PCC807 shows all of the steps recited in claim 31 . 

As for claim 33, the argument for claim 31 applies. PCC807 also shows that said I/O 
means are enabled and disabled under control of program execution data of a program 
executed by said data processing system, said program execution data being comprised by said 
control data (throughout the document). The PCC807 shows all of the steps recited in claim 33. 

As for claim 34, the argument for claim 33 applies. PCC807 also shows that said 
program execution data are operative in said data transfer device while a data card operatively 
connects to said card reader means (throughout the document). The PCC807 shows all of the 
steps recited in claim 34. 

As for claim 32, the argument for claim 30 applies. PCC807 also shows that data 
provided by said first and second data processing means are processed in accordance with 
program execution data of a program executed by said data processing system, said program 
execution data being comprised by said control data (throughout the document). The PCC807 
shows all of the steps recited in claim 32. 

As for claim 35, the argument for claim 30 applies. PCC807 also shows that data 
between said data processing system and said data transfer device are exchanged in an 
encrypted form (throughout the document). The PCC807 shows all of the steps recited in claim 
35. 

As for claim 36, the argument for claim 30 applies. PCC807 also shows that control data 
in said data transfer device are erased after the completion of a data exchange (throughout the 
document). The PCC807 shows all of the steps recited in claim 36. 

As per claim 37, the PCC807 shows Application Specific Integrated Circuit (ASIC) 
device comprising data exchange means and control means for selectively enabling data 
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exchange between first and second data interface means based on control data in accordance 
with claim 1 (throughout the document). The PCC807 shows all of the elements recited in claim 
37. 

As for claim 38, the argument for claim 37 applies. PCC807 also shows at least one of 
said first and second data interface means (figure). The PCC807 shows all of the elements 
recited in claim 38. 

As for claim 39, the argument for claim 37 applies. PCC807 also shows data processing 
means for processing data provided by said first and second data interface means in 
accordance with program execution data provided by said control data (processor). The 
PCC807 shows all of the elements recited in claim 39. 

As for claim 40, the argument for claim 37 applies. PCC807 also shows data storage 
means, among others for storing said control data, said program execution data and 
authentication data (figure). The PCC807 shows all of the elements recited in claim 40. 



Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 



7. 



invention was made to a person having ordinary skill in the art to which said subject matter pertains 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of the 

claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various 

claims was commonly owned at the time any inventions covered therein were made absent any 

evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1 .56 to point out 



inventor and invention dates of each claim that was not commonly owned at the time a later 
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invention was made in order for the examiner to consider the applicability of 35 U.S.C. 103(c) 
and potential 35 U.S.C. 102(e), (f) or (g) prior art under 35 U.S.C. 103(a). 
8. Claims 13 and 18-27 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
PCC807 (applied above) in view of Challener et al., U.S. Pat. No. 6,598,032 B1 . 

As for claim 13, the argument above for claim 1 1 applies. PCC807 does not specifically 
show that said I/O means are configured for connecting at least one Voice over IP (VoIP) digital 
telephone device. However, Challener shows a system coupling a smart card reader to a PC 
which is coupled to the internet. Among the services available over the internet is VoIP, and it 
therefore would have been obvious to one of ordinary skill in the art at the time of the invention 
to connect the system of the PCC807 to the internet as shown by Challener to use VoIP 
services in order to communicate over the internet. 

As per claim 18, PCC807 shows a data transfer device (the PCC807) having first data 
interface means (serial interface) for exchanging data with a data processing system, second 
data interface means (interfaces at the bottom of the figure) for exchanging data with a user of 
said data transfer device, and control means (processor 8051 and affiliated modules) for 
controlling data transfer between said first and the second data means. The PCC807 does not 
specifically show a first processing device such as to be operated by an authorization entity, a 
second processing device such as to be operated by a user and wherein said first and second 
processing devices connect to a data network, said data transfer device with its first interface 
means connects to said second processing device, and said first and second processing 
devices being configured for exchanging control data from said first processing device to said 
data transfer device for selectively enabling said second data interface means of said data 
transfer device. 
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However Challener shows a first processing device such as to be operated by an 
authorization entity (server 205B), a second processing device (202) such as to be operated by 
a user and wherein said first and second processing devices connect to a data network 
(internet), said data transfer device with its first interface means connects to said second 
processing device, and said first and second processing devices being configured for 
exchanging control data from said first processing device to said data transfer device for 
selectively enabling said second data interface means of said data transfer device (figure 2, 
wherein the card reader apparatus is coupled to the second processing device 202 and the 
processing devices exchange control information for secure data transfer (throughout cols. 4-8). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to use 
the PCC807 in a system such as Challener's in order to allow secure operations between a 
smart card and a server on the internet for accessing all of the various systems and functions 
coupled to the internet. 

As for claim 19, the argument for claim 18 applies. PCC807 also shows a transaction 
involves exchange of trusted data (throughout the document). Challener shows said first 
processing device is configured for providing control data for setting said data transfer device in 
a secure mode (cols. 5-6). 

As for claim 20, the argument for claim 18 applies. Challener shows a third processing 
device such as to be operated by a transaction entity, wherein said third processing device 
connects to said data network (connected to the web server), and said first processing device 
being configured for enabling a transaction between said second and third processing devices 
dependent on said enabling of said second data interface means of said data transfer device 
(cols. 5-6). 
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As for claim 21 , the argument for claim 20 applies. Challener also shows that said 
transaction between said second and third processing devices involves exchange of trusted 
data between said first and second processing devices, wherein said first processing device is 
configured for providing control data for setting said data transfer device in a secure mode of 
operation and wherein said third processing device is configured for enabling said transaction 
between said second and third processing devices after said trusted data have been 
successfully exchanged (cols. 5-7). 

As for claim 22, the argument for claim 20 applies. PCC807 also shows that said second 
data interface comprises Input/Output (I/O) means for data exchange with at least one 
peripheral device to be connected to said I/O means (in the figure). Challener shows said 
transaction between said second and third processing devices involves exchange of trusted 
data between said first and second processing devices, said first processing device being 
configured for providing control data for setting said data transfer device in a secure mode of 
operation and said third processing device is configured for enabling a transaction between said 
I/O means and said third processing device after said trusted data have been successfully 
exchanged (cols. 5-7). 

As for claim 23, the argument for claim 20 applies. Challener also shows that said 
transaction entity is a telecommunication service provider (cols. 5-7, wherein the transaction can 
take place between the user and any site coupled to the internet that accepts payments which 
would include a telecommunication service provider). 

As for claim 24, the argument for claim 20 applies. Challener also shows a plurality of 
first, second and third processing devices wherein said data network is a public data network, 
such as the Internet (fig.2 and cols. 5-7). 
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As for claim 27, the argument for claim 20 applies. Challener also shows a third 
processing device configured for operating in accordance with claim 20 (cols. 5-7). 

As for claim 25, the argument for claim 18 applies. Challener shows a first processing 
device configured for operating in accordance with claim 18 (205b). 

As for claim 26, the argument for claim 18 applies. Challener shows a second 
processing device configured for operating in accordance with claim 18 (202). 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. The cited references show smart card systems that operate in secure modes. 

1 0. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Glenn A. Auve whose telephone number is (703) 305-9638. The 
examiner can normally be reached on M-Th 8:00 AM-5:30 PM, every other Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Mark Rinehart can be reached on (703) 305-4815. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
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applications is available through Private PAIR only. For more information about the PAIR 
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